Attackers sometimes deploy complex "finger-printing" tools to determine server type. By
submitting non-standard HTTP requests (like DELETE requests) and broken HTTP headers, they can
heuristically determine the likely server type by examining how it responds in these ambiguous
situations.
